[5.x] Introduce invalid_token variable for password protected page (#…

…10956)
statamic · Oct 16, 2024 · d6c6395 · d6c6395
1 parent 00f1472
commit d6c6395
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/src/Auth/Protect/Tags.php b/src/Auth/Protect/Tags.php
@@ -15,15 +15,18 @@ class Tags extends BaseTags
 
  public function passwordForm()
  {
- if (! $token = Html::entities(request('token'))) {
+ if (! session('statamic:protect:password.tokens.'.request('token'))) {
  $data = [
  'errors' => [],
  'no_token' => true,
+ 'invalid_token' => true,
  ];
 
  return $this->parser ? $this->parse($data) : $data;
  }
 
+ $token = Html::entities(request('token'));
+
  $errors = session('errors', new ViewErrorBag)->passwordProtect;
 
  $data = [